Problem/Motivation
The three functions used for access checking (_linkchecker_link_node_ids(), _linkchecker_link_comment_ids(), and _linkchecker_link_block_ids()) all return arrays. When the returned array is empty, which can happen if the user does not have access to content, the content is not being checked for links, or if the link is not in any content, the response is to always deny access. In some cases, like if the link is not in any content, that is the wrong response. A better method would be to return an explicit value indicating that the user does not have access, when that is the case, check the return value for that value, displaying the appropriate error notice, and displaying something different for an empty array.
Proposed resolution
Change the return value for actual permission checks to something other than an empty array, like FALSE or NULL, that can be used to determine if permission was actually denied.
Remaining tasks
Fix the issueCreate a patchReview the patch- Commit the patch
User interface changes
Some links previously erroneously identified with a permission denied message will be visible.
API changes
The three functions will also return FALSE, in addition to an array.
Data model changes
None.
Original report by [username]
N/A
Comment | File | Size | Author |
---|---|---|---|
#5 | Screen Shot 2017-12-01 at 8.31.24 PM.png | 43.11 KB | Kristen Pol |
#5 | Screen Shot 2017-12-01 at 8.31.05 PM.png | 24.38 KB | Kristen Pol |
#3 | linkchecker_change-access-check-return-values_2923219_3.patch | 6.15 KB | oadaeh |
|
Comments
Comment #2
oadaeh CreditAttribution: oadaeh at Hook 42 commentedBTW, I did try applying the patch in #1489132-17: "Permission restrictions deny" message on many broken links when https securepages, but that did not address this problem.
It might also be that this is a duplicate of #2195429: Permission restrictions deny for links to deleted nodes, but when I read through that issue, it seemed like the problem was fundamentally different.
Comment #3
oadaeh CreditAttribution: oadaeh at Hook 42 commentedThe attached patch attempts to address the issue raised here, though I'm not sure the return code for _linkchecker_link_block_ids() totally does it.
Comment #4
oadaeh CreditAttribution: oadaeh at Hook 42 commentedComment #5
Kristen PolThanks for the patch! It worked well for us. Before the patch we see permission denied errors like:
After the patch, it says that they aren't in content like:
I reviewed the code and didn't see anything obviously wrong and it's following Drupal coding standards so marking RTBC.
Comment #6
Kristen PolReally RTBC'ing this time.
Comment #7
dpi+1 RTBC.
Comment #8
NancyDruI also see this problem with Google Docs Viewer when it returns a 204 code. I am not sure your patch will handle that.
I added:
Comment #9
oadaeh CreditAttribution: oadaeh at Hook 42 commented@NancyDru that does not seem like the right way to fix that. I'm wondering if maybe there's something else going on that might be causing that, but I'm not sure how you got there, so I'm not sure. Would you mind taking a few minutes to explain the set up you have and how Google Docs Viewer and Link checker are interacting with each other? Thanks.
Comment #10
NancyDruI agree that it is not ideal.
I did set up an environment for testing the patch and I am not seeing the permission denied message any more, so you can ignore me.
With the patch I am not seeing these errors any more. +1 for RTBC.
Comment #11
oadaeh CreditAttribution: oadaeh at Hook 42 commentedComment #12
ckngTested patch #3, works great.
Comment #13
oraculi CreditAttribution: oraculi commentedAlso tested patch #3 and it solved the issue.
A bit of testing also seems to suggest that clicking the "Clear link data and analyze content for links" button in the Maintenance section of the Link Checker config screen ( /admin/config/content/linkchecker, then expand 'Maintenance' at the bottom of the page) also resolves the problem.
I initially encountered the permissions error only after changing the type of links to check to "Internal and external".
(edit to fix typo)
Comment #15
VladimirAusThank you for contributions. Committed! 🍺